package com.learn.authorization.controller;

import com.alibaba.fastjson.JSONObject;
import com.learn.authorization.pojo.User;
import com.learn.authorization.result.R;
import com.learn.authorization.service.LoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

/**
 * @author DJJ_F
 * @version 1.0
 * @date 2025/04/07
 * @description
 */
@RestController
public class LoginController {
    @Autowired
    private LoginService loginService;
    /**
     * 设置接口权限的样例，还需要在security配置类写注解
     * @return
     */
    @GetMapping("/hello")
//    @PreAuthorize("hasAuthority('test')")
    // SPEL表达式@{beanid} 表示取出对应的bean的方法
    @PreAuthorize("@ex.hasAuthority('dept:admin')")
    public String hello() {
        return "hello";
    }

    @PostMapping("user/login")
    public R<JSONObject> login(@RequestBody User user) {
        String login = loginService.login(user);
        JSONObject json = new JSONObject();
        json.put("token", login);
        return R.OK("登录成功", json);
    }

    @RequestMapping("testCors")
    public R testCors() {
        return R.OK("testCors");
    }
}
